mibiisa(1M) System Administration Commands mibiisa(1M)
NAME
mibiisa - Sun SNMP Agent
SYNOPSIS
mibiisa [-ar] [-c config-dir] [-d debug-level] [-p port]
[-t cache-timer]
DESCRIPTION
The mibiisa utility is an RFC 1157-compliant SNMP agent. It supports MIB-II as defined in RFC 1213, with Sun extensions under Sun's enter-
prise number. The MIB (Management Information Base) is both readable and writable. The mibiisa utility supports all SNMP protocol opera-
tions including GET-REQUEST, GETNEXT-REQUEST, SET-REQUEST, GET-REPLY, and TRAP.
The SMA (Systems Management Agent) is the default SNMP agent in Solaris. MIB-II subagent mibiisa does not run by default. To enable mibi-
isa, rename the configuration file from /etc/snmp/conf/mibiisa.rsrc- to /etc/snmp/conf/mibiisa.rsrc. SMA has the capability to handle any
MIB-II requests. See netsnmp(5).
The mibiisa utility supports the coldStart, linkUp, linkDown, and authentication traps. The authentication trap may be disabled by a com-
mand-line switch, which itself may be overridden by a management station writing to a MIB variable in the standard SNMP MIB group.
The mibiisa utility supports four distinct views of the MIB. The view used for any request is determined by the community string contained
in that request.
To enhance security, mibiisa supports an option to block all writes to the MIB. You can also limit the set of management stations from
which the agent will accept requests in the configuration file used when starting the mibiisa. See the section for more information.
Unless overridden, mibiisa uses UDP port 161, the standard SNMP port. The mibiisa utility issues traps through the same port on which it
receives SNMP requests.
The mibiisa utility must run with super-user privileges and is typically started at system startup via /etc/rc3.d. mibiisa may not be
started using inetd(1M). When started, mibiisa detaches itself from the keyboard, disables all signals except SIGKILL, SIGILL, SIGUSR1, and
SIGUSR2, and places itself in the background.
OPTIONS
The following options are supported by mibiisa:
-a Disable the generation of authentication traps. However, an SNMP manager may write a value into snmpEnableAuthenTraps to
enable or disable authentication traps.
-c config-dir Specify a directory where it expects snmpd.conf file, on startup. The default directory is /etc/snmp/conf.
-d debug-level Debug. A value of 0 disables all debug and is the default. Levels 1 through 3 represent increasing levels of debug out-
put. When mibiisa receives the signal SIGUSR1, it resets the debug-level to 0. When mibiisa receives the signal SIGUSR2,
it increments the debug-level by one.
Debug output is sent to the standard output in effect at the time mibiisa is started. No matter what debug level is in
effect, certain significant events are logged in the system log.
-p port Define an alternative UDP port on which mibiisa listens for incoming requests. The default is UDP port 161.
-r Place the MIB into read-only mode.
-t cache-timer By default, information fetched from the kernel is considered to be valid for 45 seconds from the time it is retrieved.
This cache lifetime may be altered with this parameter. You cannot set cache-timer to any value less than 1.
CONFIGURATION FILE
The snmpd.conf file is used for configuration information. Each entry in the file consists of a keyword followed by a parameter string. The
keyword must begin in the first position. Parameters are separated from the keyword and from one another by white space. Case in keywords
is ignored. Each entry must be contained on a single line. All text following (and including) a pound sign (#) is ignored. Keywords cur-
rently supported are:
sysdescr
The value to be used to answer queries for sysDescr.
syscontact
The value to be used to answer queries for sysContact.
syslocation
The value to be used to answer queries for sysLocation.
trap
The parameter names one or more hosts to receive traps. Only five hosts may be listed.
system-group-read-community
The community name to get read access to the system group and Sun's extended system group.
system-group-write-community
The community name to get write access to the system group and Sun's extended system group.
read-community
The community name to get read access to the entire MIB.
write-community
The community name to get write access to the entire MIB (implies read access).
trap-community
The community name to be used in traps.
kernel-file
The name of the file to use for kernel symbols.
managers
The names of hosts that may send SNMP queries. Only five hosts may be listed on any one line. This keyword may be repeated for a total
of 32 hosts.
newdevice
The additional devices which are not built in SNMPD. The format is as follows: newdevice type speed name where newdevice is the key-
word, type is an integer which has to match your schema file, speed is the new device's speed, and name is this new device's name.
An example snmpd.conf file is shown below:
sysdescr Sun SNMP Agent, Sun Fire 4800, Company
Property Number 123456
syscontact Cliff Claven
sysLocation Room 1515, building 1
#
system-group-read-community public
system-group-write-community private
#
read-community all_public
write-community all_private
#
trap localhost
trap-community SNMP-trap
#
#kernel-file /vmunix
#
managers lvs golden
managers swap
INSTALLATION
The mibiisa utility and its configuration file, snmpd.conf, may be placed in any directory. However for Solaris 2.4 and subseqent releases,
use /usr/lib/snmp for mibiisa itself and /etc/snmp/conf for the configuration file. You can modify the configuration file as appropriate.
If you make any changes to snmpd.conf file keyword values, you must kill and restart mibiisa for the changes to take effect.
Your /etc/services file (or NIS equivalent) should contain the following entries:
snmp 161/udp # Simple Network Mgmt Protocol
snmp-trap 162/udp snmptrap # SNMP trap (event) messages
The following is an example for Solaris 2.x and releases compatible with Solaris 2.x, such as Solaris 9:
#
# Start the SNMP agent
#
if [ -f /etc/snmp/conf/snmpd.conf -a -x
/usr/lib/snmp/mibiisa ];
then
/opt/SUNWconn/snm/agents/snmpd
echo 'Starting SNMP-agent.'
SECURITY
SNMP, as presently defined, offers relatively little security. The mibiisa utility accepts requests from other machines, which can have the
effect of disabling the network capabilities of your computer. To limit the risk, the configuration file lets you specify a list of up to
32 manager stations from which mibiisa will accept requests. If you do not specify any such manager stations, mibiisa accepts requests from
anywhere.
The mibiisa utility also allows you to mark the MIB as "read-only" by using the -r option.
mibiisa supports four different community strings. These strings, however, are visible in the configuration file and within the SNMP pack-
ets as they flow on the network.
The configuration file should be owned by, and readable only by super-user. In other words the mode should be:
-rw------- 1 root 2090 Oct 17 15:04 /etc/snmp/conf/snmpd.conf
Managers can be restricted based on the community strings. This can be configured by creating an optional secondary configuration file
/etc/snmp/conf/mibiisa.acl. To enable such a restriction, add the security line in the /etc/snmp/conf/mibiisa.rsrc file.
An example mibiisa.acl file is as follows:
acl = {
{
communities = public
access = read-only
managers = xyz
}
{
communities = private
access = read-write
managers = abc,pqrs
}
}
An example mibiisa.rsrc file is as follows:
resource =
{
{
registration_file = "/etc/snmp/conf/mibiisa.reg"
security = "/etc/snmp/conf/mibiisa.acl"
policy = "spawn"
type = "legacy"
command = "/usr/lib/snmp/mibiisa -r -p $PORT"
}
}
MIB
This section discusses some of the differences between the mibiisa MIB and the standard MIB-II (as defined in RFC 1213).
The following variables are read-only in the mibiisa MIB:
sysName
atIfIndex
ipDefaultTTL
These variables are read-write in the standard MIB-II.
The mibiisa MIB Address Translation tables support limited write access: only atPhysAddress may be written, either to change the physical
address of an existing entry or to delete an entire ARP table entry.
The mibiisa MIB IP Net to Media table supports limited write access: only ipNetToMediaPhysAddress and ipNetToMediaType may be written,
either to change the physical address of an existing entry or to delete an entire ARP table entry.
The following variables are read-write in the mibiisa MIB; however, these variables have fixed values. Any new values "set" to them are
accepted, but have no effect:
ipRoutIfIndex
ipRouteMetric1
ipRouteMetric2
ipRouteMetric3
ipRouteMetric4
ipRouteType
ipRouteAge
ipRouteMask
ipRouteMetric5
The following mibiisa MIB variable reflects the actual state of the related table entry. "Sets" are accepted but have no effect:
tcpConnState
The following mibiisa MIB variables are readable, but return a fixed value:
icmpInDestUnreachs Returns 1
icmpInTimeExcds Returns 1
icmpInParmProbs Returns 1
icmpInSrcQuenchs Returns 1
icmpInRedirects Returns 1
icmpInEchos Returns 1
icmpInEchoReps Returns 1
icmpInTimestamps Returns 1
icmpInTimestampReps Returns 1
icmpInAddrMasks Returns 1
icmpInAddrMaskReps Returns 1
icmpOutDestUnreachs Returns 1
icmpOutTimeExcds Returns 1
icmpOutParmProbs Returns 1
icmpOutSrcQuenchs Returns 1
icmpOutRedirects Returns 1
icmpOutEchos Returns 1
icmpOutEchoReps Returns 1
icmpOutTimestamps Returns 1
icmpOutTimestampReps Returns 1
icmpOutAddrMasks Returns 1
icmpOutAddrMaskReps Returns 1
ifInUnknownProtos Returns 0
ipAdEntBcastAddr Returns 1
ipAdEntReasmMaxSiz Returns 65535
ipRouteMetric1 Returns -1
ipRouteMetric2 Returns -1
ipRouteMetric3 Returns -1
ipRouteMetric4 Returns -1
ipRouteAge Returns 0
ipRouteMetric5 Returns -1
ipNetToMediaType Returns(3) dynamic
ipRoutingDiscards Returns 0
The following variables return a fixed value of 0 for drivers not conforming to the GLD framework (see gld(7D)), including the old LAN
drivers on SPARC machines:
ifInOctets Returns 0
ifInNUcastPkts Returns 0
ifInDiscards Returns 0
ifOutOctets Returns 0
ifOutNUcastPkts Returns 0
ifOutDiscards Returns 0
SCHEMA ATTRIBUTES
The following describes the attributes in the group and table definitions in the /var/snmp/mib/sun.mib file.
system
The system group reports statistics about a particular system (for example, a workstation or a printer).
sysDescr - A textual description of the entity. This value should include the full name and version identification of the system's hardware
type, software operating-system, and networking software. This value must only contain printable ASCII characters. (string[255])
sysObjectID - The vendor's authoritative identification of the network management subsystem contained in the entity. This value is allo-
cated within the SMI enterprises subtree (1.3.6.1.4.1) and provides an easy and unambiguous means for determining what type of equipment is
being managed. For example, if vendor "Flintstones, Inc." was assigned the subtree 1.3.6.1.4.1.4242, it could assign the identifier
1.3.6.1.4.1.4242.1.1 to its "Fred Router." (objectid)
sysUpTime - Time (in hundredths of a second) since the network management portion of the system was last reinitialized. (timeticks)
sysContact - The textual identification of the contact person for this managed node, together with information on how to contact this per-
son. (string[255])
sysName - An administratively-assigned name for this managed node. By convention, this is the node's fully-qualified domain name.
(string[255])
sysLocation - The physical location of this node (for example, "telephone closet, 3rd floor" (string[255]))
sysServices - A value indicating the set of services that this entity primarily offers. (int) The value is a sum. This sum initially takes
the value zero. Then, for each layer L in the range 1 through 7 for which this node performs transactions, 2 raised to (L - 1) is added to
the sum. For example, a node that performs primarily routing functions would have a value of 4 (2**(3-1)). In contrast, a node that is a
host offering application services would have a value of 72 (2**(4-1) + 2**(7-1)). Note that in the context of the Internet suite of proto-
cols, values should be calculated accordingly:
Layer Functionality
1 physical (such as repeaters)
2 datalink/subnetwork (such as bridges)
3 internet (such as IP gateways)
4 end-to-end (such as IP hosts)
7 applications (such as mail relays)
For systems including OSI protocols, Layers 5 and 6 may also be counted.
interfaces
The interfaces group reports the number of interfaces handled by the agent.
ifNumber - The number of network interfaces, regardless of their current state, present on this system. (int)
ifTable
The ifTable is a table of interface entries. The number of entries is given by the value of ifNumber.
ifIndex - A unique value for each interface. Its value ranges between 1 and the value of ifNumber. The value for each interface must remain
constant at least from one reinitialization of the entity's network management system to the next reinitialization. (int)
ifDescr - A textual string containing information about the interface. This string should include the name of the manufacturer, the product
name, and the version of the hardware interface. (string[255])
ifType - The type of interface, distinguished according to the physical/link protocol(s) immediately below the network layer in the proto-
col stack. (enum)
ifMtu - The size of the largest datagram that can be sent/received on the interface, specified in octets. For interfaces used for transmit-
ting network datagrams, this is the size of the largest network datagram that can be sent on the interface. (int)
ifSpeed - An estimate of the interface's current bandwidth in bits-per-second. For interfaces that do not vary in bandwidth, or for those
where no accurate estimation can be made, this object should contain the nominal bandwidth. (gauge)
if1hysAddress - The interface's address at the protocol layer immediately below the network layer in the protocol stack. For interfaces
without such an address (for example, a serial line), this object should contain an octet string of zero length. (octet[128])
ifAdminStatus - The desired state of the interface. The testing(3) state indicates that no operational packets can be passed. (enum)
if OperStatus - The current operational state of the interface. The testing(3) state indicates that no operational packets can be passed.
(enum)
ifLastChange - The value of sysUpTime at the time the interface entered its current operational state. If the current state was entered
prior to the last reinitialization of the local network management subsystem, then this object contains a zero value. (timeticks)
ifInOctets - The total number of octets received on the interface, including framing characters. (counter) Returns a fixed value of 0.
ifInUcastPkts - The number of subnetwork-unicast packets delivered to a higher-layer protocol. (counter)
ifInNUcastPkts - The number of non-unicast (that is, subnetwork- broadcast or subnetwork-multicast) packets delivered to a higher-layer
protocol. (counter) Returns a fixed value of 0.
ifInDiscards - The number of inbound packets chosen to be discarded, even though no errors had been detected to prevent their being deliv-
erable to a higher-layer protocol. One possible reason for discarding such a packet could be to free up buffer space. (counter) Returns a
fixed value of 0.
ifInErrors - The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.
(counter)
ifInUnknownProtos - The number of packets received via the interface that were discarded because of an unknown or unsupported protocol.
(counter) Returns a fixed value of 0.
ifOutOctets - The total number of octets transmitted out of the interface, including framing characters. (counter) Returns a fixed value of
0.
ifOutUcastPkts - The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, includ-
ing those that were discarded or not sent. (counter)
ifOutNUcastPkts - The total number of packets that higher-level protocols requested be transmitted to a non- unicast (that is, a subnet-
work-broadcast or subnetwork-multicast) address, including those that were discarded or not sent. (counter) Returns a fixed value of 0.
ifOutDiscards - The number of outbound packets that were chosen to be discarded even though no errors had been detected to prevent their
being transmitted. One possible reason for discarding such a packet could be to free up buffer space. (counter) Returns a fixed value of 0.
ifOutErrors - The number of outbound packets that could not be transmitted because of errors. (counter)
ifOutQLen - The length of the output packet queue (in packets). (gauge)
ifSpecific - A reference to MIB definitions specific to the particular media being used to realize the interface. For example, if the
interface is realized by an Ethernet, then the value of this object refers to a document defining objects specific to Ethernet. If this
information is not present, its value should be set to the OBJECT IDENTIFIER { 0 0 }, which is a syntactically valid object identifier. Any
conformant implementation of ASN.1 and BER must be able to generate and recognize this value. (objectid)
atTable
atTable Address Translation tables contain the NetworkAddress to physical address equivalences. Some interfaces do not use translation
tables for determining address equivalences (for example, DDN-X.25 has an algorithmic method). If all interfaces are of this type, then the
Address Translation table is empty, that is, has zero entries.
atIfIndex - The interface on which this entry's equivalence is effective. The interface identified by a particular value of this index is
the same interface as identified by the same value of ifIndex. (int)
atPhysAddress - The media-dependent physical address. (octet[128]) Setting this object to a null string (one of zero length) has the effect
of invaliding the corresponding entry in the atTable object. That is, it effectively dissociates the interface identified with said entry
from the mapping identified with said entry. It is an implementation-specific matter as to whether the agent removes an invalidated entry
from the table. Accordingly, management stations must be prepared to receive tabular information from agents that corresponds to entries
not currently in use. Proper interpretation of such entries requires examination of the relevant atPhysAddress object.
atNetAddress - The NetworkAddress (that is, the IP address) corresponding to the media-dependent physical address. (netaddress)
ip
The ip group reports statistics about the Internet Protocol (IP) group.
ipForwarding - The indication of whether this entity is acting as an IP gateway in respect to the forwarding of datagrams received by, but
not addressed to, this entity. IP gateways forward datagrams. IP hosts do not-- except those source-routed via the host. (enum)
Note that for some managed nodes, this object may take on only a subset of the values possible. Accordingly, it is appropriate for an agent
to return a "badValue" response if a management station attempts to change this object to an inappropriate value.
ipDefaultTTL - The default value inserted into the Time-To-Live field of the IP header of datagrams originated at this entity, whenever a
TTL value is not supplied by the transport layer protocol. (int)
ipInReceives - The total number of input datagrams received from interfaces, including those received in error. (counter)
ipInHdrErrors - The number of input datagrams discarded due to errors in their IP headers, including bad checksums, version number mis-
match, other format errors, time-to-live exceeded, errors discovered in processing their IP options, and so on. (counter)
ipInAddrErrors - The number of input datagrams discarded because the IP address in their IP header's destination field was not a valid
address to be received at this entity. This count includes invalid addresses (for example, 0.0.0.0) and addresses of unsupported Classes
(for example, Class E). For entities that are not IP Gateways and therefore do not forward datagrams, this counter includes datagrams dis-
carded because the destination address was not a local address. (counter)
ipForwDatagrams - The number of input datagrams for which this entity was not their final IP destination, as a result of which an attempt
was made to find a route to forward them to that final destination. In entities that do not act as IP Gateways, this counter will include
only those packets that were Source-Routed via this entity, and the Source- Route option processing was successful. (counter)
ipInUnknownProtos - The number of locally-addressed datagrams received successfully but discarded because of an unknown or unsupported pro-
tocol. (counter)
ipInDiscards - The number of input IP datagrams for which no problems were encountered to prevent their continued processing, but which
were discarded, for example, for lack of buffer space. Note that this counter does not include any datagrams discarded while awaiting
reassembly. (counter)
ipInDelivers - The total number of input datagrams successfully delivered to IP user-protocols (including ICMP). (counter)
ipOutRequests - The total number of IP datagrams that local IP user-protocols (including ICMP) supplied to IP in requests for transmission.
Note that this counter does not include any datagrams counted in ipForwDatagrams. (counter)
ipOutDiscards - The number of output IP datagrams for which no problem was encountered to prevent their transmission to their destination,
but which were discarded (for example, for lack of buffer space). Note that this counter would include datagrams counted in ipForwDatagrams
if any such packets met this (discretionary) discard criterion. (counter)
ipOutNoRoutes - The number of IP datagrams discarded because no route could be found to transmit them to their destination. Note that this
counter includes any packets counted in ipForwDatagrams which meet this "no-route" criterion. Note that this includes any datagrams that a
host cannot route because all its default gateways are down. (counter)
ipReasmTimeout - The maximum number of seconds that received fragments are held while they are awaiting reassembly at this entity. (int)
ipReasmReqds - The number of IP fragments received that needed to be reassembled at this entity. (counter)
ipReasmOKs - The number of IP datagrams successfully reassembled. (counter)
ipReasmFails - The number of failures detected by the IP reassembly algorithm, for whatever reason: timed out, errors, and the like. Note
that this is not necessarily a count of discarded IP fragments since some algorithms (notably the algorithm in RFC 815) can lose track of
the number of fragments by combining them as they are received. (counter)
ipFragOKs - The number of IP datagrams that have been successfully fragmented at this entity. (counter)
ipFragFails - The number of IP datagrams that have been discarded because they needed to be fragmented at this entity but could not be, for
example, because their "Don't Fragment" flag was set. (counter)
ipFragCreates - The number of IP datagram fragments that have been generated as a result of fragmentation at this entity. (counter)
ipRoutingDiscards - The number of routing entries that were chosen to be discarded even though they were valid. One possible reason for
discarding such an entry could be to free-up buffer space for other routing entries. (counter) Returns a fixed value of 0.
ipAddrTable
ipAddrTable is a table of addressing information relevant to this entity's IP addresses.
ipAdEntAddr - The IP address to which this entry's addressing information pertains. (netaddress)
ipAdEntIfIndex - The index value that uniquely identifies the interface to which this entry is applicable. The interface identified by a
particular value of this index is the same interface as identified by the same value of ifIndex. (int)
ipAdEntNetMask - The subnet mask associated with the IP address of this entry. The value of the mask is an IP address with all the network
bits set to 1, and all the hosts bits set to 0. (netaddress)
ipAdEntBcastAddr - The value of the least-significant bit in the IP broadcast address used for sending datagrams on the (logical) interface
associated with the IP address of this entry. For example, when the Internet standard all-ones broadcast address is used, the value will be
1. This value applies to both the subnet and network broadcasts addresses used by the entity on this (logical) interface. (int) Returns a
fixed value of 1.
ipAdEntReasmMaxSize - The size of the largest IP datagram that this entity can reassemble from incoming IP fragmented datagrams received on
this interface. (int) Returns a fixed value of 65535.
ipRouteTable
The ipRouteTable is this entity's IP Routing table.
ipRouteDest - The destination IP address of this route. An entry with a value of 0.0.0.0 is considered a default route. Multiple routes to
a single destination can appear in the table, but access to such multiple entries is dependent on the table- access mechanisms defined by
the network management protocol in use. (netaddress)
ipRouteIfIndex - The index value that uniquely identifies the local interface through which the next hop of this route should be reached.
The interface identified by a particular value of this index is the same interface as identified by the same value of ifIndex. (int)
ipRouteMetric1 - The primary routing metric for this route. The semantics of this metric are determined by the routing-protocol specified
in the route's ipRouteProto value. If this metric is not used, its value should be set to -1. (int) Returns a fixed value of -1.
ipRouteMetric2 - An alternate routing metric for this route. The semantics of this metric are determined by the routing-protocol specified
in the route's ipRouteProto value. If this metric is not used, its value should be set to -1. (int) Returns a fixed value of -1.
ipRouteMetric3 - An alternate routing metric for this route. The semantics of this metric are determined by the routing-protocol specified
in the route's ipRouteProto value. If this metric is not used, its value should be set to -1. (int) Returns a fixed value of -1.
ipRouteMetric4 - An alternate routing metric for this route. The semantics of this metric are determined by the routing-protocol specified
in the route's ipRouteProto value. If this metric is not used, its value should be set to -1. (int) Returns a fixed value of -1.
ipRouteNextHop - The IP address of the next hop of this route. (In the case of a route bound to an interface that is realized via a broad-
cast media, the value of this field is the agent's IP address on that interface.) (netaddress)
ipRouteType - The type of route. Note that the values direct(3) and indirect(4) refer to the notion of direct and indirect routing in the
IP architecture. (enum)
Setting this object to the value invalid(2) has the effect of invalidating the corresponding entry in the ipRouteTable object. That is, it
effectively dissociates the destination identified with said entry from the route identified with said entry. It is an implementation-spe-
cific matter as to whether the agent removes an invalidated entry from the table. Accordingly, management stations must be prepared to
receive tabular information from agents that corresponds to entries not currently in use. Proper interpretation of such entries requires
examination of the relevant ipRouteType object.
ipRouteProto - The routing mechanism through which this route was learned. Inclusion of values for gateway routing protocols is not
intended to imply that hosts should support those protocols. (enum)
ipRouteAge - The number of seconds since this route was last updated or otherwise determined to be correct. Note that no semantics of "too
old" can be implied except through knowledge of the routing protocol by which the route was learned. (int) Returns a fixed value of 0.
ipRouteMask - Indicate the mask to be logical-ANDed with the destination address before being compared to the value in the ipRouteDest
field. For those systems that do not support arbitrary subnet masks, an agent constructs the value of the ipRouteMask by determining
whether the value of the correspondent ipRouteDest field belongs to a class-A, B, or C network, and then using one of:
Mask Network
255.0.0.0 class-A
255.255.0.0 class-B
255.255.255.0 class-C
If the value of the ipRouteDest is 0.0.0.0 (a default route), then the mask value is also 0.0.0.0. It should be noted that all IP routing
subsystems implicitly use this mechanism. (netaddress)
ipRouteMetric5 - An alternate routing metric for this route. The semantics of this metric are determined by the routing-protocol specified
in the route's ipRouteProto value. If this metric is not used, its value should be set to -1. (int) Returns a fixed value of -1.
ipRouteInfo - A reference to MIB definitions specific to the particular routing protocol responsible for this route, as determined by the
value specified in the route's ipRouteProto value. If this information is not present, its value should be set to the OBJECT IDENTIFIER { 0
0 }, which is a syntactically valid object identifier. Any conformant implementation of ASN.1 and BER must be able to generate and recog-
nize this value. (objectid)
ipNetToMediaTable
The ipNetToMediaTable is the IP Address Translation table used for mapping from IP addresses to physical addresses.
ipNetToMediaIfIndex - The interface on which this entry's equivalence is effective. The interface identified by a particular value of this
index is the same interface as identified by the same value of ifIndex. (int)
ipNetToMediaPhysAddress - The media-dependent physical address. (octet[128])
ipNetToMediaNetAddress - The IpAddress corresponding to the media- dependent physical address. (netaddress)
ipNetToMediaType - The type of mapping. (enum) Returns a fixed value of(3)dynamic. Setting this object to the value invalid(2) has the
effect of invalidating the corresponding entry in the ipNetToMediaTable. That is, it effectively dissociates the interface identified with
said entry from the mapping identified with said entry. It is an implementation-specific matter as to whether the agent removes an invali-
dated entry from the table. Accordingly, management stations must be prepared to receive tabular information from agents that corresponds
to entries not currently in use. Proper interpretation of such entries requires examination of the relevant ipNetToMediaType object.
icmp
The icmp group reports statistics about the ICMP group.
icmpInMsgs - The total number of ICMP messages that the entity received. Note that this counter includes all those counted by icmpInErrors.
(counter)
icmpInErrors - The number of ICMP messages that the entity received but determined as having ICMP-specific errors (bad ICMP checksums, bad
length, and the like.). (counter)
icmpInDestUnreachs - The number of ICMP Destination Unreachable messages received. (counter)
icmpInTimeExcds - The number of ICMP Time Exceeded messages received. (counter)
icmpInParmProbs - The number of ICMP Parameter Problem messages received. (counter)
icmpInSrcQuenchs - The number of ICMP Source Quench messages received. (counter)
icmpInRedirects - The number of ICMP Redirect messages received. (counter)
icmpInEchos - The number of ICMP Echo (request) messages received. (counter)
icmpInEchoReps - The number of ICMP Echo Reply messages received. (counter)
icmpInTimestamps - The number of ICMP Timestamp (request) messages received. (counter)
icmpInTimestampReps - The number of ICMP Timestamp Reply messages received. (counter)
icmpInAddrMasks - The number of ICMP Address Mask Request messages received. (counter)
icmpInAddrMaskReps - The number of ICMP Address Mask Reply messages received. (counter)
icmpOutMsgs - The total number of ICMP messages that this entity attempted to send. Note that this counter includes all those counted by
icmpOutErrors. (counter)
icmpOutErrors - The number of ICMP messages that this entity did not send due to problems discovered within ICMP, such as a lack of buf-
fers. This value should not include errors discovered outside the ICMP layer, such as the inability of IP to route the resultant datagram.
In some implementations there may be no types of errors that contribute to this counter's value. (counter)
icmpOutDestUnreachs - The number of ICMP Destination Unreachable messages sent. (counter)
icmpOutTimeExcds - The number of ICMP Time Exceeded messages sent. (counter)
icmpOutParmProbs - The number of ICMP Parameter Problem messages sent. (counter)
icmpOutSrcQuenchs - The number of ICMP Source Quench messages sent. (counter)
icmpOutRedirects - The number of ICMP Redirect messages sent. For a host, this object will always be zero, since hosts do not send redi-
rects. (counter)
icmpOutEchos - The number of ICMP Echo (request) messages sent. (counter)
icmpOutEchoReps - The number of ICMP Echo Reply messages sent. (counter)
icmpOutTimestamps - The number of ICMP Timestamp (request) messages sent. (counter)
icmpOutTimestampReps - The number of ICMP Timestamp Reply messages sent. (counter)
icmpOutAddrMasks - The number of ICMP Address Mask Request messages sent. (counter)
icmpOutAddrMaskReps - The number of ICMP Address Mask Reply messages sent. (counter)
tcp
The tcp group reports statistics about the TCP group.
tcpRtoAlgorithm - The algorithm used to determine the timeout value used for retransmitting unacknowledged octets. (enum)
tcpRtoMin - The minimum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds. More refined
semantics for objects of this type depend upon the algorithm used to determine the retransmission timeout. In particular, when the timeout
algorithm is rsre(3), an object of this type has the semantics of the LBOUND quantity described in RFC 793. (int)
tcpRtoMax - The maximum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds. More refined
semantics for objects of this type depend upon the algorithm used to determine the retransmission timeout. In particular, when the timeout
algorithm is rsre(3), an object of this type has the semantics of the UBOUND quantity described in RFC 793. (int)
tcpMaxConn - The limit on the total number of TCP connections that the entity can support. In entities where the maximum number of connec-
tions is dynamic, this object should contain the value -1. (int)
tcpActiveOpens - The number of times that TCP connections have made a direct transition to the SYN-SENT state from the CLOSED state.
(counter)
tcpPassiveOpens - The number of times that TCP connections have made a direct transition to the SYN-RCVD state from the LISTEN state.
(counter)
tcpAttemptFails - The number of times that TCP connections have made a direct transition to the CLOSED state from either the SYN-SENT state
or the SYN-RCVD state, plus the number of times TCP connections have made a direct transition to the LISTEN state from the SYN-RCVD state.
(counter)
tcpEstabResets - The number of times TCP connections have made a direct transition to the CLOSED state from either the ESTABLISHED state or
the CLOSE-WAIT state. (counter)
tcpCurrEstab - The number of TCP connections for which the current state is either ESTABLISHED or CLOSE-WAIT. (gauge)
tcpInSegs - The total number of segments received, including those received in error. This count includes segments received on currently
established connections. (counter)
tcpOutSegs - The total number of segments sent, including those on current connections but excluding those containing only retransmitted
octets. (counter)
tcpRetransSegs - The total number of segments retransmitted - that is, the number of TCP segments transmitted containing one or more previ-
ously transmitted octets. (counter)
tcpInErrs - The total number of segments received in error (for example, bad TCP checksums). (counter)
tcpOutRsts - The number of TCP segments sent containing the RST flag. (counter)
tcpConnTable
The tcpConnTable is a table containing TCP connection-specific information.
tcpConnState - The state of this TCP connection. (enum)
The only value that may be set by a management station is deleteTCB(12). Accordingly, it is appropriate for an agent to return a "badValue"
response if a management station attempts to set this object to any other value.
If a management station sets this object to the value deleteTCB(12), then this has the effect of deleting the TCB (as defined in RFC 793)
of the corresponding connection on the managed node. This results in immediate termination of the connection.
As an implementation-specific option, an RST segment may be sent from the managed node to the other TCP endpoint. (Note, however, that RST
segments are not sent reliably.)
tcpConnLocalAddress - The local IP address for this TCP connection. For a connection in the listen state that is willing to accept connec-
tions for any IP interface associated with the node, the value 0.0.0.0 is used. (netaddress)
tcpConnLocalPort - The local port number for this TCP connection. (int)
tcpConnRemAddress - The remote IP address for this TCP connection. (netaddress)
tcpConnRemPort - The remote port number for this TCP connection. (int)
upd
The udp group reports statistics about the UDP group.
udpInDatagrams - The total number of UDP datagrams delivered to UDP users. (counter) Returns a fixed value of 0.
udpNoPorts - The total number of received UDP datagrams for which there was no application at the destination port. (counter) Returns a
fixed value of 0.
udpInErrors - The number of received UDP datagrams that could not be delivered for reasons other than the lack of an application at the
destination port. (counter)
udpOutDatagrams - The total number of UDP datagrams sent from this entity. (counter) Returns a fixed value of 0.
udpTable
The udpTable is a table containing UDP listener information.
udpLocalAddress - The local IP address for this UDP listener. For a UDP listener that is willing to accept datagrams for any IP interface
associated with the node, the value 0.0.0.0 is used. (netaddress)
udpLocalPort - The local port number for this UDP listener. (int)
snmp
The snmp group reports statistics about the SNMP group.
snmpInPkts - The total number of Messages delivered to the SNMP entity from the transport service. (counter)
snmpOutPkts - The total number of SNMP Messages passed from the SNMP protocol entity to the transport service. (counter)
snmpInBadVersions - The total number of SNMP Messages delivered to the SNMP protocol entity that were for an unsupported SNMP version.
(counter)
snmpInBadCommunityNames - The total number of SNMP Messages delivered to the SNMP protocol entity that used a SNMP community name not known
to said entity. (counter)
snmpInBadCommunityUses - The total number of SNMP Messages delivered to the SNMP protocol entity, which represented an SNMP operation not
allowed by the SNMP community named in the Message. (counter)
snmpInASNParseErrs - The total number of ASN.1 or BER errors encountered by the SNMP protocol entity when decoding received SNMP Messages.
(counter)
snmpInTooBigs - The total number of SNMP PDUs delivered to the SNMP protocol entity for which the value of the error-status field is
"tooBig." (counter)
snmpInNoSuchNames - The total number of SNMP PDUs delivered to the SNMP protocol entity for which the value of the error-status field is
"noSuchName." (counter)
snmpInBadValues - The total number of SNMP PDUs delivered to the SNMP protocol entity for which the value of the error-status field is
"badValue." (counter)
snmpInReadOnlys - The total number valid SNMP PDUs delivered to the SNMP protocol entity for which the value of the error-status field is
"readOnly." It should be noted that it is a protocol error to generate an SNMP PDU that contains the value "readOnly" in the error-status
field. This object is provided as a means of detecting incorrect implementations of the SNMP. (counter)
snmpInGenErrs - The total number of SNMP PDUs delivered to the SNMP protocol entity for which the value of the error-status field is "gen-
Err." (counter)
snmpInTotalReqVars - The total number of MIB objects successfully retrieved by the SNMP protocol entity as the result of receiving valid
SNMP Get-Request and Get-Next PDUs. (counter)
snmpInTotalSetVars - The total number of MIB objects successfully altered by the SNMP protocol entity as the result of receiving valid SNMP
Set-Request PDUs. (counter)
snmpInGetRequests - The total number of SNMP Get-Request PDUs accepted and processed by the SNMP protocol entity. (counter)
snmpInGetNexts - The total number of SNMP Get-Next PDUs accepted and processed by the SNMP protocol entity. (counter)
snmpInSetRequests - The total number of SNMP Set-Request PDUs accepted and processed by the SNMP protocol entity. (counter)
snmpInGetResponses - The total number of SNMP Get-Response PDUs accepted and processed by the SNMP protocol entity. (counter)
snmpInTraps - The total number of SNMP Trap PDUs accepted and processed by the SNMP protocol entity. (counter)
snmpOutTooBigs - The total number of SNMP PDUs generated by the SNMP protocol entity for which the value of the error-status field is
"tooBig." (counter)
snmpOutNoSuchNames - The total number of SNMP PDUs generated by the SNMP protocol entity for which the value of the error-status is
"noSuchName." (counter)
snmpOutBadValues - The total number of SNMP PDUs generated by the SNMP protocol entity for which the value of the error-status field is
"badValue." (counter)
snmpOutGenErrs - The total number of SNMP PDUs generated by the SNMP protocol entity for which the value of the error-status field is "gen-
Err." (counter)
snmpOutGetRequests - The total number of SNMP Get-Request PDUs which have been generated by the SNMP protocol entity. (counter)
snmpOutGetNexts - The total number of SNMP Get-Next PDUs generated by the SNMP protocol entity. (counter)
snmpOutSetRequests - The total number of SNMP Set-Request PDUs generated by the SNMP protocol entity. (counter)
snmpOutGetResponses - The total number of SNMP Get-Response PDUs generated by the SNMP protocol entity. (counter)
snmpOutTraps - The total number of SNMP Trap PDUs generated by the SNMP protocol entity. (counter)
snmpEnableAuthenTraps - Indicates whether the SNMP agent process is permitted to generate authentication-failure traps. The value of this
object overrides any configuration information. As such, it provides a means whereby all authentication-failure traps may be disabled.
(enum)
Note that this object must be stored in non-volatile memory, so that it remains constant between reinitializations of the network manage-
ment system.
The following are Sun-specific group and table definitions.
sunSystem
The sunSystem group reports general system information.
agentDescr - The SNMP agent's description of itself. (string[255])
hostID - The unique Sun hardware identifier. The value returned is four byte binary string. (octet[4])
motd - The first line of /etc/motd. (string[255])
unixTime - The UNIX system time. Measured in seconds since January 1, 1970 GMT. (counter)
sunProcessTable
The sunProcessTable table reports UNIX process table information.
psProcessID - The process identifier for this process. (int)
psParentProcessID - The process identifier of this process's parent. (int)
psProcessSize - The combined size of the data and stack segments (in kilobytes.) (int)
psProcessCpuTime - The CPU time (including both user and system time) consumed so far. (int)
psProcessState - The run-state of the process. (octet[4])
R Runnable
T Stopped
P In page wait
D Non-interruptable wait
S Sleeping (less than 20 seconds)
I Idle (more than 20 seconds)
Z Zombie
psProcessWaitChannel - Reason process is waiting. (octet[16])
psProcessTTY - Terminal, if any, controlling this process. (octet[16])
psProcessUserName - Name of the user associated with this process. (octet[16])
psProcessUserID - Numeric form of the name of the user associated with this process. (int)
psProcessName - Command name used to invoke this process. (octet[64])
psProcessStatus - Setting this variable will cause a signal of the set value to be sent to the process. (int)
sunHostPerf
The sunHostPerf group reports hostperf information.
rsUserProcessTime - Total number of timeticks used by user processes since the last system boot. (counter)
rsNiceModeTime - Total number of timeticks used by "nice" mode since the last system boot. (counter)
rsSystemProcessTime - Total number of timeticks used by system processes since the last system boot. (counter)
rsIdleModeTime - Total number of timeticks in idle mode since the last system boot. (counter)
rsDiskXfer1 - Total number of disk transfers since the last boot for the first of four configured disks. (counter)
rsDiskXfer2 - Total number of disk transfers since the last boot for the second of four configured disks. (counter)
rsDiskXfer3 - Total number of disk transfers since the last boot for the third of four configured disks. (counter)
rsDiskXfer4 - Total number of disk transfers since the last boot for the fourth of four configured disks. (counter)
rsVPagesIn - Number of pages read in from disk. (counter)
rsVPagesOut - Number of pages written to disk. (counter)
rsVSwapIn - Number of pages swapped in. (counter)
rsVSwapOut - Number of pages swapped out. (counter)
rsVIntr - Number of device interrupts. (counter)
rsIfInPackets - Number of input packets. (counter)
rsIfOutPackets - Number of output packets. (counter)
rsIfInErrors - Number of input errors. (counter)
rsIfOutErrors - Number of output errors. (counter)
rsIfCollisions - Number of output collisions. (counter)
FILES
/etc/snmp/conf/snmpd.conf configuration information
/etc/snmp/conf/mibiisa.acl access control file
/var/snmp/mib/sun.mib standard SNMP MIBII file
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWmibii |
+-----------------------------+-----------------------------+
|Interface Stability |Obsolete |
+-----------------------------+-----------------------------+
SEE ALSO
inetd(1M), select(3C), recvfrom(3SOCKET), sendto(3SOCKET), attributes(5), gld(7D),
DIAGNOSTICS
cannot dispatch request
The proxy cannot dispatch the request. The rest of the message indicates the cause of the failure.
select(3C) failed
A select(3C) call failed. The rest of the message indicates the cause of the failure.
sendto(3SOCKET) failed
A sendto(3SOCKET) call failed. The rest of the message indicates the cause of the failure.
recvfrom(3SOCKET) failed
A recvfrom(3SOCKET) call failed. The rest of the message indicates the cause of the failure.
no response from system
The SNMP agent on the target system does not respond to SNMP requests. This error might indicate that the SNMP agent is not running on
the target system, the target system is down, or the network containing the target system is unreachable.
response too big
The agent could not fit the results of an operation into a single SNMP message. Split large groups or tables into smaller entities.
missing attribute
An attribute is missing from the requested group.
bad attribute type
An object attribute type received from the SNMP agent that does not match the attribute type specified by the proxy agent schema. The
rest of the message indicates the expected type and received type.
cannot get sysUpTime
The proxy agent cannot get the variable sysUpTime from the SNMP agent.
sysUpTime type bad
The variable sysUpTime received from the SNMP agent has the wrong data type.
unknown SNMP error
An unknown SNMP error was received.
bad variable value
The requested specified an incorrect syntax or value for a set operation.
variable is read only
The SNMP agent did not perform the set request because a variable to set may not be written.
general error
A general error was received.
cannot make request PDU
An error occurred building a request PDU.
cannot make request varbind list
An error occurred building a request variable binding list.
cannot parse response PDU
An error occurred parsing a response PDU.
request ID - response ID mismatch
The response ID does not match the request ID.
string contains non-displayable characters
A displayable string contains non-displayable characters.
cannot open schema file
An error occurred opening the proxy agent schema file.
cannot parse schema file
The proxy agent couldn't parse the proxy agent schema file.
cannot open host file
An error occurred opening the file associated with the na.snmp.hostfile keyword in /etc/snmp/conf/snmpd.conf
cannot parse host file
The proxy agent was unable to parse the file associated with the na.snmp.hostfile keyword in /etc/snmp/conf/snm.conf.
attribute unavailable for set operations
The set could not be completed because the attribute was not available for set operations.
BUGS
The mibiisa utility returns the wrong interface speed for the SBUS FDDI interface (for example, "bf0").
The mibiisa utility does not return a MAC address for the SBUS FDDI interface (for example, "bf0").
Process names retrieved from mibiisa contain a leading blank space.
When you change attribute values in the system group with an SNMP set request, the change is effective only as long as mibiisa is running.
mibiisa does not save the changes to /etc/snmp/conf/snmpd.conf.
SunOS 5.11 11 Dec 2003 mibiisa(1M)